Android Cookie Store

Additional

Language
Kotlin
Version
1.5.0 (Mar 20, 2022)
Created
Dec 28, 2019
Updated
Jan 9, 2023 (Retired)
Owner
Aleksandar 'Alex' Gotev (gotev)
Contributors
Aleksandar 'Alex' Gotev (gotev)
dependabot[bot]
dependabot-preview[bot]
Jimmy Morales (jimmymorales)
Jake Barnby (abnegate)
5
Activity
Badge
Generate
Download
Source code

Android Cookie Store

Latest version Release Notes and Demo App | Demo App Sources

Android InMemory and persistent Cookie Store for HttpURLConnection and OkHttp, with extensions to easily sync cookies in Android WebViews.

Why?

Neither HttpURLConnection nor OkHttp provides a native and rapid way of storing cookies persistently on Android. This library aims to fill this gap, by implementing the standard java.net.InMemoryCookieStore in Kotlin, with extendability in mind.

With this library you have:

  • super tiny footprint (the library is only a bunch of classes)
  • an in memory only cookie store
  • a shared preferences backed cookie store which can survive app reboots
  • possibility to extend both to provide your own custom implementation which best fits your needs without reinventing the wheel for cookie management

Compatibility

Android API 16+

Getting started

Add this to your dependencies:

implementation "net.gotev:cookie-store:x.y.z"

Replace x.y.z with

Usage

Create your Cookie Manager:

// Example extension function to demonstrate how to create both cookie stores
fun Context.createCookieStore(name: String, persistent: Boolean) = if (persistent) {
    SharedPreferencesCookieStore(applicationContext, name)
} else {
    InMemoryCookieStore(name)
}

val cookieManager = CookieManager(
    createCookieStore(name = "myCookies", persistent = true),
    CookiePolicy.ACCEPT_ALL
)

HttpURLConnection

To setup the default Cookie Manager:

CookieManager.setDefault(cookieManager)

OkHttp

Add the following dependency (suitable for JVM and Android):

implementation "net.gotev:cookie-store-okhttp:$cookieStoreVersion"

And when you build your OkHttpClient, set the Cookie Jar:

val okHttpClient = OkHttpClient.Builder()
    .cookieJar(JavaNetCookieJar(cookieManager))
    .build()

WebView

It's a common thing to obtain a cookie from an API and to open an authenticated web page inside an app which needs the cookie. You can find a complete working example in the demo app.

You have two ways of doing this:

  • Using WebKitSyncCookieManager
  • Using standard java.net.CookieManager

Using WebKitSyncCookieManager

val cookieManager = WebKitSyncCookieManager(
    store = createCookieStore(name = "myCookies", persistent = true),
    cookiePolicy = CookiePolicy.ACCEPT_ALL,
    onWebKitCookieManagerError = { exception ->
        // This gets invoked when there's internal webkit cookie manager exceptions
        Log.e("COOKIE-STORE", "WebKitSyncCookieManager error", exception)
    }
)

Then follow standard instructions from the Usage section to setup HttpURLConnection or OkHttp according to your needs.

Incoming Cookies will be automatically synced to WebKit's CookieManager. Syncing is unidirectional from WebKitSyncCookieManager to android.webkit.CookieManager to have a single source of truth and to prevent attacks coming from URLs loaded in WebViews. If you need bi-directional sync, think twice before doing it.

To clear cookies:

cookieManager.removeAll()

This will clear both the CookieStore and WebKit's Cookie Manager.

Using standard java.net.CookieManager

Cookies syncing is entirely up to you and manual.

To copy all cookies from the cookie store to the WebKit Cookie Manager:

cookieManager.cookieStore.syncToWebKitCookieManager()

Remember to do this before loading any URL in your web view.

To remove all cookies from the Cookie Store:

cookieManager.cookieStore.removeAll()

To remove all cookies from WebKit Cookie Manager:

android.webkit.CookieManager.getInstance().removeAll()

That's all folks!